<?php

require_once('../inc/utils.php');

function main()
{
	global $g_tplvars;
	$g_tplvars['title'] = 'Consumable Inventory';
	
	if(!isset($_GET['action']))
	{
		header('Location: inventory.php?action=summary');
		exit;
	}
	
	//Look up our access
	restricted();
	if( ($_GET['action'] == '') || ($_GET['action'] == 'summary') || ($_GET['action'] == 'detail'))
		checkinvaccess('read');
	else
		checkinvaccess('full');	
	
	//legal actions
	$actions = array(
		'summary',
		'create',
		'docreate',
		'confirm',
		'delete',
		'detail',
		'edit',
		'doedit',
		);
		
	if(!in_array($_GET['action'], $actions))
		summary();
	else
		$_GET['action']();
}

function summary()
{
	//Build list of active inventory
	//TODO: pager
	$inventory = '';
	$r = dbquery('select * from `inventory` order by `desc`');
	global $g_tplvars;
	$totalprice = 0;
	while($a = mysql_fetch_object($r))
	{
		foreach($a as $n=>$v)
			$g_tplvars[$n] = $v;
		$g_tplvars['price'] = str_replace(' ', '&nbsp;', sprintf('$%7.2f', $a->price / 100));
		$g_tplvars['total'] = str_replace(' ', '&nbsp;', sprintf('$%7.2f', $a->price * $a->qty / 100));
		$totalprice += $a->price * $a->qty / 100;
		if($a->stock)
			$g_tplvars['stock'] = 'yes';
		else
			$g_tplvars['stock'] = 'no';
		$g_tplvars['class'] = '';
		if($a->qty == 0)
			$g_tplvars['class'] = 'outofstock';
		$inventory .= templatize('../templates/inventory-summary-item.html');
	}
	
	$g_tplvars['totalprice'] = str_replace(' ', '&nbsp;', sprintf('$%7.2f', $totalprice));
	
	$g_tplvars['inventory'] = $inventory;	
	render('../templates/inventory-summary.html');
}

function create()
{
	render('../templates/inventory-create.html');
}

function docreate()
{
	//Prepare input
	$desc = sanitize_db(sanitize_render($_POST['desc']));
	$qty = intval($_POST['qty']);
	$price = sanitize_db(sanitize_render($_POST['price']));
	$price = intval($price * 100);
	$reorder = sanitize_db(sanitize_render($_POST['reorder']));	
	$package = sanitize_db(sanitize_render($_POST['package']));	
	$stock = 0;
	if(isset($_POST['stock']))
		$stock = 1;
	
	//Add to the database
	dbquery(
			'insert into inventory(`desc`,`price`,`qty`,`stock`,`reorder`,`package`) '.
			'values(\'' . $desc . '\', \'' . $price . '\', \'' . $qty . '\', \'' . $stock . '\', \'' . $reorder . '\', \'' . $package . '\')'
		);
	
	//and go back to the overview
	header('Location: inventory.php');
}

function confirm()
{
	global $g_tplvars;
	$op = sanitize_db(sanitize_render($_GET['confirm']));
	
	//Grab info about the asset, make sure it exists
	$id = intval($_GET['id']);
	$r = dbquery('select * from `inventory` where `id` = \'' . $id . '\' limit 1');
	if(mysql_num_rows($r) == 0)
	{
		render('../templates/inventory-not-found.html');
		exit;
	}
	
	//Get warning messages
	$g_tplvars['op'] = $op;
	$g_tplvars['id'] = $id;
	$g_tplvars['desc'] = mysql_fetch_object($r)->desc;
	if($op == 'delete')
		$g_tplvars['warning'] = 'It will be completely removed, including accounting records. This operation cannot be undone.';
	render('../templates/inventory-confirm.html');
}

function delete()
{
	//Make sure it exists
	$id = intval($_GET['id']);
	$r = dbquery('select * from `inventory` where `id` = \'' . $id . '\' limit 1');
	if(mysql_num_rows($r) == 0)
	{
		render('../templates/inventory-not-found.html');
		exit;
	}
	
	//Delete it
	dbquery('delete from `inventory` where `id` = \'' . $id . '\' limit 1');
	
	//and go back to the main page
	header('Location: inventory.php?action=summary');
}

function detail()
{
	global $g_tplvars;
	global $g_config;
	
	//Grab info about the asset, make sure it exists
	$id = intval($_GET['id']);
	$r = dbquery('select * from `inventory` where `id` = \'' . $id . '\' limit 1');
	if(mysql_num_rows($r) == 0)
	{
		render('../templates/inventory-not-found.html');
		exit;
	}
	
	//and render
	$a = mysql_fetch_object($r);
	foreach($a as $n=>$v)
		$g_tplvars[$n] = $v;
	$g_tplvars['price'] = sprintf('$%.2f', $a->price / 100);
	$g_tplvars['total'] = sprintf('$%.2f', $a->price * $a->qty / 100);
	if($a->stock)
		$g_tplvars['stock'] = 'yes';
	else
		$g_tplvars['stock'] = 'no';
	
	render('../templates/inventory-detail.html');
}

function edit()
{
	global $g_tplvars;
	global $g_config;
	
	//Grab info about the asset, make sure it exists
	$id = intval($_GET['id']);
	$r = dbquery('select * from `inventory` where `id` = \'' . $id . '\' limit 1');
	if(mysql_num_rows($r) == 0)
	{
		render('../templates/inventory-not-found.html');
		exit;
	}
	
	//and render
	$a = mysql_fetch_object($r);
	foreach($a as $n=>$v)
		$g_tplvars[$n] = $v;
	
	$g_tplvars['price'] = sprintf('$%.2f', $a->price / 100);
	if($a->stock)
		$g_tplvars['stock'] = 'on';
	else
		$g_tplvars['stock'] = 'off';
	
	render('../templates/inventory-edit.html');
}

function doedit()
{
	//Grab info about the item, make sure it exists
	$id = intval($_POST['id']);
	$r = dbquery('select * from `inventory` where `id` = \'' . $id . '\' limit 1');
	if(mysql_num_rows($r) == 0)
	{
		render('../templates/inventory-not-found.html');
		exit;
	}
	
	//Prepare input
	$desc = sanitize_db(sanitize_render($_POST['desc']));
	$price = sanitize_db(sanitize_render(str_replace('$', '', $_POST['price'])));
	$price = intval($price * 100);
	$qty = intval($_POST['qty']);
	$package = sanitize_db(sanitize_render($_POST['package']));	
	$reorder = sanitize_db(sanitize_render($_POST['reorder']));	
	$stock = 0;
	if(isset($_POST['stock']))
		$stock = 1;
	
	//Update it
	dbquery(
		'update `inventory` set `desc` = \'' . $desc . '\', ' . '`price` = \'' . $price . '\', `qty` = \'' . $qty .
		'\', `reorder` = \'' . $reorder . '\', `stock` = \'' . $stock . '\', `package` = \'' . $package . '\' where `id` = \''. $id .'\'');
	
	//and go back to the main page
	header('Location: inventory.php?action=summary');
}

?>
